[ISN] Info on DOD/DISA/DEM Software 'hack'

From: mea culpa (jerichot_private)
Date: Thu Apr 23 1998 - 13:43:44 PDT

Next message: mea culpa: "[ISN] Unscrupulous Security Firms Prey on Unsuspecting Users"

Previous message: mea culpa: "[ISN] "White-out" bug in IE4"
Next in thread: mea culpa: "Re: [ISN] Info on DOD/DISA/DEM Software 'hack'"
Reply: mea culpa: "Re: [ISN] Info on DOD/DISA/DEM Software 'hack'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 [Moderator: Now how hard would this have been for the journalist
  writing the story? <sigh>]

 Forwarded From: Mark (Mookie)[SMTP:markt_private]
 Posted To: 	NTBUGTRAQt_private
 Forwarded From: "Prosser, Mike" <Mike_Prossert_private>
 
 From what I can see, the DISA DEM software was/is publically available
 at http://tcoss.safb.af.mil/common/HTML/DSC_support.htm (the link is
 broken though).
 No wonder the feds didn't bother to come after them ;-)
 
 By the looks of ftp://tcoss.safb.af.mil :
 220 tcoss2 Microsoft FTP Service (Version 3.0).
 Name (tcoss.safb.af.mil:root): ftp
 331 Anonymous access allowed, send identity (e-mail name) as password.
 Password:
 230 Anonymous user logged in.
 ftp> dir
 200 PORT command successful.
 150 Opening ASCII mode data connection for /bin/ls.
 11-20-97  05:16PM       <DIR>          ActiveX
 01-27-98  02:47PM       <DIR>          disd
 04-15-98  09:00PM       <DIR>          Disn-W
 03-12-98  08:33PM       <DIR>          DITCO
 04-14-98  01:45PM                    0 dspd8.tmp
 04-17-98  12:20PM       <DIR>          MCI_TCOSS
 04-23-98  06:59AM       <DIR>          PDCBOOK
 03-24-98  08:10PM       <DIR>          R&R
 04-15-98  06:52PM       <DIR>          TSRE
 11-20-97  05:27PM       <DIR>          WinFrame
 ftp> cd Disn-W
 550 Disn-W: Access is denied.
 
 So it appears the "highly technical crack team" just ftp'd the
 software. Wow.
 They fixed the perms on the dir last week.
 
 And what they got:
 
 A software tool set called DEM (Visual Basic Programming based) melds
 the day
 to day network operations and maintenance efforts. DEM provides the
 entire
 RAVN team with a user friendly/graphical based set of tools that allow
 real-time network access for monitoring, control, re-configuration and
 testing of the critical pieces of hardware/software that make up the
 composite RAVN architecture. Both RIMS and DEM data bases are hosted
 on a
 stand alone RAVN server operated and maintained by NTAC personnel. The
 server
 is accessible via a Local Area Network connection and supports up to
 25
 simultaneous users.
 
 Sounds rather useless unless you have the databases of network
 equipment and
 device authentication parameters.
 
 Cheers,
 Mark
 markt_private
 
 

-o-
Subscribe: mail majordomot_private with "subscribe isn".
Today's ISN Sponsor: Dimensional Communications (www.dim.com)

Next message: mea culpa: "[ISN] Unscrupulous Security Firms Prey on Unsuspecting Users"
Previous message: mea culpa: "[ISN] "White-out" bug in IE4"
Next in thread: mea culpa: "Re: [ISN] Info on DOD/DISA/DEM Software 'hack'"
Reply: mea culpa: "Re: [ISN] Info on DOD/DISA/DEM Software 'hack'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:51:24 PDT